Cybersecurity Analyst at HF Group

Principle Accountabilities

• Maintain an information system log register that is aligned to OEM and industry standards on security events logging.
• Maintain a business use case register that is used to configure correlation rules in the various Cybersecurity monitoring tools.
• Maintain an alert/exceptions report register that captures the items to be reported based on business use cases, frequency, the recipients etc.
• Monitor for attacks, intrusions and unusual, unauthorized or illegal activity.
• Monitor and respond to 'phishing' emails and 'pharming' activity.
• Monitor identity and access management, including monitoring for abuse of permissions by authorized system users.
• Use advanced analytic tools to determine emerging threat patterns and vulnerabilities.
• Engage in system security testing/'ethical hacking' – this includes simulating security breaches.
• Investigate security alerts and provide incident response.
• Generate reports for both technical and non-technical staff and stakeholders.
• Test and evaluate security controls in new and existing business products.
• Provide first-line support for all key cybersecurity systems/tools – including NAC, Anti-Virus/DLP, Content Filters, PAM, MFA, DAM, SIEM, FIM etc.
• Maintain an inventory of system users with their roles ensuring compliance with documented policies and procedures.
• Give advice and guidance to staff on issues such as spam and unwanted or malicious emails.
• Liaise with stakeholders in relation to cyber security issues and provide future recommendations.
• Keep up to date with the latest security and technology developments.
• Research/evaluate emerging cyber security threats and ways to manage them.

Key Competencies and Skills

Technical Competencies

• Vulnerability/Penetration testing skills of applications and infrastructure.
• Social engineering skills.
• Security assessments of network infrastructure, hosts and applications.
• System audit/risk assessment skills.
• Forensics – investigation and analysis of how and why a breach or other compromise occurred.
• Troubleshooting skills.
• Knowledge of the following technology controls: - Data Loss Prevention, Anti-Virus/Anti-   malware, Database Activity Monitoring, SIEM, IDS/IPS, Mail/Web filters, Vulnerability Management system, File Integrity Monitoring, Network Access Control, Privileged Access Management, Mobile Device Management, Multi-Factor Authentication etc.
• TCP/IP, computer networking, routing and switching – an understanding of the fundamentals: the language, protocol and functioning of the internet.
• Appreciation of ISO27001 and PCI-DSS standards.
• C, C++, C#, Java or PHP programming languages.
• Cloud computing security.
• Windows, UNIX and Linux operating systems, on which most of the business world runs.

General competencies

• Excellent report writing and communication
• The ability to work well independently or within a team
• Capable of meeting deadlines
• Demonstrate Integrity and Professionalism

Minimum Qualifications, Knowledge and Experience

Qualifications- Academic and Professional

• Undergraduate degree in Computer Science /Information Technology or related field
• Certification in network administration and security such as CCNA
• Certified Ethical Hacker
• Certification in a system audit or information security related area, such as ISO/IEC 27001 Lead Auditor, CISA, CISM or CISSP

Experience

At least 3 years’ experience working either in a busy ICT environment or as consultant handling the following:

• System logging and monitoring
• Vulnerability assessment and Penetration testing
• Malware analysis
• Reverse engineering and exploit research
• Cyber threat intelligence
• Cybersecurity incident response
• Digital forensics/cyber-crime investigation
• System user access management
• Support/administration of Cybersecurity tools